IETF Logo Mail Archive

Re: [MMUSIC] SCTP-SDP: Virtual Connection impact

Roman Shpount <roman@telurix.com> Wed, 01 April 2015 15:29 UTC

Return-Path: <roman@telurix.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0301C1ACD86 for <mmusic@ietfa.amsl.com>; Wed, 1 Apr 2015 08:29:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4T10orjxtT0N for <mmusic@ietfa.amsl.com>; Wed, 1 Apr 2015 08:29:25 -0700 (PDT)
Received: from mail-ig0-f171.google.com (mail-ig0-f171.google.com [209.85.213.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBFAB1ACD80 for <mmusic@ietf.org>; Wed, 1 Apr 2015 08:29:24 -0700 (PDT)
Received: by igcxg11 with SMTP id xg11so49409202igc.0 for <mmusic@ietf.org>; Wed, 01 Apr 2015 08:29:24 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=8rBEf5troIuZ3jQNbzp1JM20gDi0dk672wBv8pAqBi4=; b=G5QboavsrhlpsIrpORbPAnahoAnavRKuXKGGO4fupyHD8ZXaqlzudhQtXENUwTH2S8 jxs82m6tdIKw/xQpYpEXg/EssgO2WDApWJsNO6yJAvrlWaWEET9a7TpFVD3GJoqMaT8s 4EolN9R2Ptkg6CrpF75cCxAPm6cFn1RS5Nv3UwKF4ROg55BXRXjRNmk1bUG2iReWg9f+ I0DNQ+dq70e3a16xHiDA+nooNuXZh+VZHzoW6+BG+jmHJS35ulWOkkDub1iplW5Tp3rA Vr98TvGEyXDV7tHXodoL+Mvppi5cB87/LtI7W7vio9kKCppRH39ELtBkV34+OFypSrLK FLig==
X-Gm-Message-State: ALoCoQkA6Z6QHgl2aQMEU7SGCmS/1RtO+10tvgIwd/piyg4S0jXe9T6AbzXHXxCokxop0HYVIoUA
X-Received: by 10.42.119.202 with SMTP id c10mr74662630icr.4.1427902164316; Wed, 01 Apr 2015 08:29:24 -0700 (PDT)
Received: from mail-ie0-f170.google.com (mail-ie0-f170.google.com. [209.85.223.170]) by mx.google.com with ESMTPSA id u19sm1368137iou.18.2015.04.01.08.29.22 for <mmusic@ietf.org> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 01 Apr 2015 08:29:23 -0700 (PDT)
Received: by ierf6 with SMTP id f6so45996148ier.2 for <mmusic@ietf.org>; Wed, 01 Apr 2015 08:29:22 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.43.69.68 with SMTP id yb4mr73861646icb.96.1427902162130; Wed, 01 Apr 2015 08:29:22 -0700 (PDT)
Received: by 10.36.124.86 with HTTP; Wed, 1 Apr 2015 08:29:22 -0700 (PDT)
In-Reply-To: <7594FB04B1934943A5C02806D1A2204B1D787E27@ESESSMB209.ericsson.se>
References: <7594FB04B1934943A5C02806D1A2204B1D78274F@ESESSMB209.ericsson.se> <CAD5OKxvGbJj_rRtLX7rjzkPZ6R8Wg92L2Y6gz1VtpV_etzaSiw@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D78511C@ESESSMB209.ericsson.se> <CAD5OKxum9Dt3vAxwAfa9LWiprSGkYHA1MrLspAee_-T8U=Ccvw@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D786CD9@ESESSMB209.ericsson.se> <CAD5OKxuj2TjgN2an9DywrQbBi38u38QSuuQb_eAoGU61DC8ENQ@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D787E27@ESESSMB209.ericsson.se>
Date: Wed, 01 Apr 2015 11:29:22 -0400
Message-ID: <CAD5OKxto0Cqmf9C1-Gg7O2+WQdaRwNGszKGQf4ccSUP7K9ZOEw@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Content-Type: multipart/alternative; boundary="bcaec51b1be925eb450512ab614b"
Archived-At: <http://mailarchive.ietf.org/arch/msg/mmusic/9ICM8N4K1nl-RkMNlCAWVd_nGfA>
Cc: mmusic <mmusic@ietf.org>
Subject: Re: [MMUSIC] SCTP-SDP: Virtual Connection impact
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Apr 2015 15:29:27 -0000

Hi Christer,

I have looked through the slides and I think they are misleading. To me
they seem to imply that DTLS association is orthogonal to transport and
only gets re-established when fingerprint changes. In other words, even if
the underlying transport changes, but fingerprint stays the same, the
slides imply that existing DTLS association continues to be used with the
new transport. BTW, I think this is what Chrome is currently doing. This
behavior is against the proposed specification language ("If the underlying
transport protocol is modified, the endpoints MUST establish a new DTLS
connection"). This also presents a serious problem in the use case where
third party call control is used to move the call between the several end
point that use the same site-wide certificate. All of those end points will
present the same fingerprint, but the DTLS connection will need to be
re-established since the media connection is moved to a different device.
This also shows that fingerprint alone cannot be used to determine that
connection moved to the new device.

I thought the logic that made sense was:
1. DTLS connection is re-established whenever underlying transport changes
(already in the specification).
2. Fingerprint and setup role MUST not change unless underlying transport
changes as well (already in the specification).
3. Unless ICE is used, underlying transport is considered changed if
5-tuple for connection changes  (already in the specification)
4. In case of ICE, the underlying transport is considered changed if ufrag
and entire candidate list changed on either side of the call (missing from
the current specification).

In the proposed text, the issue that I have is with the phrase
"Implementations MUST treat all ICE candidate pairs associated with a an
SCTP association on top of a DTLS connection as part of the same DTLS
connection". I am not 100% sure what this means and even if this is
accurate. "All ICE candidate pairs associated with a an SCTP association"
is unclear to me. Does this refer only to the candidate pairs for the
current ICE session or to the candidate pairs for any future ICE sessions
associated with this SCTP association?

Original text from RFC 5763 ("Implementations MUST treat all ICE candidate
pairs associated with a single component as part of the same DTLS
association") is more accurate but suffers from the fact that "single
component" is not well defined and because of this runs into similar
issues. Does ICE re-start creates a new component or is old component
considered to be re-used? If component is specific to ICE session (ufrag
pair), can candidates from the previous session be re-used for negotiating
a new component? If they can, how do you de-mux packets received between
old and new component if candidates were reused on both sides.
_____________
Roman Shpount

v2.23.0 | Report a Bug | By Email